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DETAILED ACTION 
Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed in the United States 
before the invention by the applicant for patent or (2) a patent granted on an application for patent by another filed in the United 
States before the invention by the applicant for patent, except that an international application filed under the treaty defined in 
section 351(a) shall have the effects for purposes of this subsection of an application filed in the United States only if the 
international application designated the United States and was published under Article 21(2) of such treaty in the English language. 

2. Claims 1,31 are rejected under 35 U.S.C. 102(e) as being anticipated by Cheng ct 
al(7,274,694). 

3 . As per claim 1 , Cheng et al. discloses a method for network protocol filtering of a packet using 
an address resolution table that is cross-linked with a state table indexed with an address 
resolution table index (ART index)(see col. 1, lines 48-51), the packet having a Media Access Control 
(MAC) destination address, the method comprising: determining a packet type for the packet; obtaining 
packet information for the packet including the MAC destination address(see col. 2, lines 60-65); 
determining that the MAC destination address is included in an entry in the address resolution table; 
obtaining the ART index associated with the MAC destination address from the entry in the address 
resolution table wherein the ART index is an index into the state table for locating an entry in the state 
table; and storing the ART index and the packet information in a data structure associated with the state 
table(see col. 1, lines 52-56, 65-67, col. 2, lines 1-3, col. 3, lines 41-53). 

4. As per claim 3 1 , Cheng discloses a method for outbound packet filtering using an 

address resolution table that is cross-linked with a state table indexed with an address resolution table 
index (ART index), the packet having a Media Access Control (MAC) destination address, the method 
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comprising: obtaining a packet; determining whether an incoming interface for the packet is running 
network address translation; if the incoming interface is running the network address translation (see col. 
1, lines 48-56, 65-67, col. 2, lines 1-3, 60-65, col. 3, lines 41-53). 



Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all obviousness 

rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this 
title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter 
pertains. Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 2-9, 14, 19, 27, 29, 36-41, 52 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Cheng et al(7,274,694) in view of Goldberg(2004/00131 12). 

7. As per claim 2, Cheng discloses an address resolution table(see col. 3, lines 41-53). Cheng does 
not disclose; however, Goldberg discloses determining whether the packet is for a new connection; and 
responsive to the packet not being for the new connection, determining whether the packet information 
is in the table[0009-0010, 0048]. It would have been obvious to one of ordinary skill at the time of the 
invention to include determining whether the packet is for a new connection of Goldberg with Cheng, 
the motivation is that when new sessions are detected, created and data related thereto is stored in a 
session database. An attempt is made to recognize each received packet and associate it with a 
previously opened session. Recognition of a session is accelerated by use of a hash table to quickly 
determine the corresponding session record in the session database [0009 of Goldberg]. 



Application/Control Number: 10/603,416 Page 4 

Art Unit: 2439 

8. As per claim 3, Cheng is silent on; however, Goldberg discloses wherein the packet type is a 
Transmission Control Protocol type[0055]. It would have been obvious to one of ordinary skill in the art 
at the time of the invention to include a packet type that is TC of Goldberg with Cheng; the motivation is 
that TCP provides reliable, ordered delivery of a stream of bytes[0055]. 

9. As per claim 4, Cheng is silent on; however, Goldberg discloses wherein the packet type is a 
User Datagram Protocol type[0055]. It would have been obvious to one of ordinary skill in the art at the 
time of the invention to include a packet type is a UDP of Goldberg with Cheng, the motivation is that 
UDP is a simple transmission without implicit handshaking for guaranteeing reliability, ordering, or data 
integrity[0055]. 

10. As per claims 5, 36, Cheng is silent on; however, Goldberg discloses wherein the packet 
information is a five-tuple including source and destination addresses, source and destination ports, and 
a packet type identifier [0055]. It would have been obvious to one of ordinary skill in the art at the time 
of the invention to include a five-tuple of Goldberg with Cheng, the motivation is that five-tuple lookups 
are the basis of access control lists and are an effective means of classification[0055]. 

11. As per claims 6, 37, Cheng is silent on; however, Goldberg discloses wherein the packet type is a 
Generic Routing Encapsulation type[0055, 0130]. It would have been obvious to one of ordinary skill in 
the art at the time of the invention to include a packet type is a Generic Routing Encapsulation type of 
Goldberg with Cheng, the motivation is using Generic Routing Encapsulation is a tunneling protocol 
that can encapsulate a variety of packets[0055, 0130]. 
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12. Same Motivation as claim 5. As per claims 7, 38, Cheng is silent on; however, Goldberg 
discloses wherein the packet information is a five-tuple including source and destination addresses, an 
apportioned Generic Routing Encapsulation identifier, and a packet type identifier [005 5, 0085]. 

13. As per claims 8, 39, Cheng is silent on; however, Goldberg discloses herein the packet type is an 
Internet Protocol Security type[0055-0056]. It would have been obvious to one of ordinary skill in the 
art at the time of the invention to include an Internet Protocol Security type of Goldberg with Cheng, the 
motivation is that securing IP communication by authenticating and encrypting each IP packet of a data 
stream[0055-0056]. 

14. Same Motivation as claim 5. As per claims 9, 40, Cheng is silent on; however, Goldberg 
discloses wherein the packet information is a five-tuple including source and destination addresses, an 
apportioned security parameter string, and a packet type identifier [0009, 0055]. 

15. As per claim 14, Cheng discloses a method for inbound network address translation packet 
filtering using an address resolution table that is cross-linked with a state table indexed 

with an address resolution table index (ART index), the packet having a Media Access Control (MAC) 
destination address, obtaining packet information from the packet including the MAC 
destination address; determining that the MAC destination address is included in the address 
resolution table; obtaining the ART index associated with the MAC destination address from the entry in 
based on the address resolution table, wherein the ART index -is an index into the state table for locating 
an entry in the state table; and storing the ART index and the product information in the data structure 
associated with the state table(see col. 1, lines 48-56, 65-67, col. 2, lines 1-3, 60-65, col. 3, lines 41-53).. 
Cheng is silent on; however, Goldberg discloses obtaining a packet; determining whether type of the 
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packet is one of a Transmission Control Protocol, if the type is the Transmission Control Protocol type, 
determining if the packet is an initial packet for a connection[0009-0010, 0048, 0055]. It would have 
been obvious to one of ordinary skill in the art at the time of the invention to include TCP of Goldberg 
with Cheng, the motivation is that TCP provides reliable, ordered delivery of a stream of bytes[0055]. 

16. As per claims 19, 41, Cheng is silent on; however, Goldberg discloses checking validity of layers 
of the packet; checking Internet Protocol options for the packet; and determining whether the packet is a 
fragment[0055-0056]. It would have been obvious to one of ordinary skill in the art at the time of the 
invention to include checking the validity of the packet of Goldberg with Cheng, to track the session 
state and verify its legality [0056]. 

17. As per claims 27, 52, Cheng is silent on; however, Goldberg discloses wherein the data structure 
is for a plurality of canonical frame headers[0061]. It would have been obvious to one of ordinary skill 
in the art at the time of the invention to include a canonical frame header of Goldberg with Cheng, the 
motivation is that the session related data and parameters is stored in the session database. A hash 
pointer to the new session is then calculated and stored in the hash table[0061]. 

18. As per claim 29, Cheng is silent on; however, Goldberg discloses wherein the state table is a 
connection table[0048]. It would have been obvious to one of ordinary skill in the art at the time of the 
invention to include a connection table of Goldberg with Cheng, the motivation is to maintain a 
connection table referred to as a session database for monitoring the state of a conmiunications 
session[0048]. 
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Response to Applicant 

1 9. The Applicant's terminal disclaimer was not approved, because the POA filed 9/1 8/06 list 
Gendaq as the assignee. Correction is required in order for terminal disclaimer to be approved. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the examiner should be 
directed to JENISE E. JACKSON whose telephone number is (571)272-3791 . The examiner can normally 

be reached on Increased Flex time, but generally in the office M-Fri(8-4:30).. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Edan Orgad 
can be reached on (571) 272-7884. The fax phone number for the organization where this application or 
proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 
866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or 
access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

May 22, 2010 
/J. E. J./ 

Examiner, Art Unit 2439 
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/Edan Orgad/ 

Supervisory Patent Examiner, Art Unit 2439 



